package cn.ww.conf;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

//@EnableWebSecurity // 启动SpringSecurity过滤器链
public class SecurityConf extends WebSecurityConfigurerAdapter {

   
    
    /**   资源权限控制     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
        .withUser("aaa").password(new BCryptPasswordEncoder().encode("123")).roles("USER","UPDATE","VIEW")
        .and().withUser("bbb").password(new BCryptPasswordEncoder().encode("123")).roles("VIEW");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
        .antMatchers("/product/add").hasRole("UPDATE")
        .antMatchers("/product/update").hasRole("UPDATE")
        .antMatchers("/product/delete").hasRole("UPDATE")
        .antMatchers("/product/list").hasRole("VIEW")
        .antMatchers("/index").permitAll()
        .anyRequest().authenticated()
        //.and().formLogin().loginPage("/userLogin").loginProcessingUrl("/login").permitAll()
        .and().csrf().disable();
    }
    
}
